… you can use PowerCLI to create, configure and assign the role required for the VMware View Manager and View Composer service account to access the vCenter. As I notice that I am involved with VMware Horizon View projects more and more, I find it important to cut back the amount of time required to setup or fix account permissions so this post serves to demonstrate how to create, configure and assign the role and service account for VMware Horizon View 5.2 and VMware vCenter 5.1.

Before I being, note that the documentation for the required permissions that I will be using can be found at the following URLs:

Prior to creating the role, we’ll need to assign the required permissions to a variable and prior to assigning the permissions to variable, we’ll need to identify the unique Id for the privilege by using the following PowerCLI command for each permission required:

Get-VIPrivilege -Name “<Name of permissions>” | FL

The reason why we need to identify the unique Id is because permissions such as Power On are generic and can be found in nodes such as Interaction:

… and vApp:

… which are permissions we don’t need. Without making this post too long, I will demonstrate the output for the Power On permissions in the PowerCLI:

Connect-VIServer <yourvCenterFQDN>

Get-VIPrivilege -Name “Power On” | FL

Note that the Power On permissions we’re interested in is under the ParentGroupID VirtualMachine.Interact and the unique Id is VirtualMachine.Interact.PowerOn.

Once I’ve gone through the list of privileges required, I was able to assign the permissions with the following cmdlet to assign the permissions to a variable: